The Taddong Security Blog has a great list of vulnerable web applications you can play with to learn and test your web hacking knowledge and pen-testing tools, handcuffs not included. In other words, you can enter and stay at the playground without going to jail.

Some of them you download and install on your own systems, some of them you run as virtual machines (VMs) or ISOs on your systems, and others are available on the web for your malfeasance pleasure.

The apps are listed in 3 categories: offline, VMs/ISOs, and online. Each list has been ordered alphabetically. Get it here.

2 responses to “Application Hacking Playground”

Hi Mack, adding The Hacker Games to the list seems to be out of scope (it is just for web pen-testing environments), and specially because it tries to counterattack the tester ;). Anyway, thanks for the contribution!